Skip Over Navigation Links
Center for Information TechnologyAntivirus
Antivirus Home Page
Contact Us
Questions or Comments
Disclaimers

Software
Current client downloads:
VScan Engine/Dat (SuperDat) -5.2.00/4.0.5378
VirusScan Enterprise 8.5i (with Patch 6) - Windows NT/2000/XP/2003
VirusScan Enterprise 7.1 - Windows NT/2000/XP/2003
Virex (OS X) Engine/Def - 7.2(v1.1)/080903
Virex (OS 9.x) Engine/Def - 6.2/071001
Linux & Solaris Engine/Dat - 5.2.00/4.0.5196
Symantec Antivirus - 10.1.7.7000
Symantec Antivirus - 10.2
Clean Boot 1.0
Stinger v3.8.0 virus removal tool (Updated 09/10/07)
Current server downloads:
VirusScan Enterprise 8.5
VirusScan Enterprise 7.1
NetShield NetWare - 4.6.2
NetShield NetWare - 4.6.3
NetShield NetWare Engine Update - 4.4.00
ePO agent for NetWare
ScanMail eManager - 3.0

Information
ePO 3.0/VirusScan 7.0 Presentation
Virex 7.x Installation Instructions
VirusScan FAQs
VirusScan Instructions
Additional Resources

Archives
List of Viruses

Virus Alerts

New worms on the Internet using the vulnerability described in the MS05-039 security article from Microsoft updated 8/18/2005, 11:10 AM

There are new worms that have been detected in the wild that spread by exploiting a Microsoft Windows vulnerability MS05-039 vulnerability.

For stand alone removal of these worms it is recommended to follow the below order of operations:

  1. Remove machine from the network (unplug LAN cable)
  2. Apply Microsoft Patch MS05-039
  3. Run the stand alone removal tools from McAfee, Symantec and Microsoft
  4. Update the antivirus software to the latest Dat or Definition
  5. Run a system scan

Removal Tools

McAfee Stinger v2.5.6 (and later) virus removal tool
Symantec Zotob removal tool
Microsoft virus removal tool v1.7a

McAfee has released SuperDat 4560 (And later) to detect and remove the latest (8/17/05 10:00 AM) variants of these worms. The SuperDat is available here.

Symantec has released definitions dated 8/17/2005 to detect and remove the latest (8/17/05 10:00 AM) variants of these worms. These definitions are available through the LiveUpdate feature of Symantec Antivirus.

Important information from Microsoft regarding this patch is at:

http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx

Additional information from McAfee and Symantec:

McAfee

Symantec

This archive is not intended to be comprehensive. For a more complete virus library, please visit NAI's Virus Information Library at http://vil.nai.com.

Contact NIH Help Desk for assistance:
866-319-4357 (toll free), 301-496-4357 (6-HELP) (local), 301-496-8294 (TDD)
http://ithelpdesk.nih.gov/support
Register for iForgotMyPassWord

National Institutes of HealthCenter for Information Technology
National Institutes of Health
Bethesda, Maryland 20892

Questions or Comments | Disclaimers | Privacy Policy

 Department of Health and Human ServicesHealth and Human Services
Washington, D.C. 20201
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -